China suspected in Anthem data breach

Bloomberg News

Published 2:32 pm, Thursday, February 5, 2015

Photo: Michael Conroy / Associated Press

Image 1of/1

Caption

Close

Image 1 of 1

Hackers broke into the database health insurer Anthem, potentially gaining access to information for about 80 million people in an attack bound to stoke fears many Americans have about the privacy of their most sensitive information. less

Hackers broke into the database health insurer Anthem, potentially gaining access to information for about 80 million people in an attack bound to stoke fears many Americans have about the privacy of their most ... more

Photo: Michael Conroy / Associated Press

China suspected in Anthem data breach

1 / 1

Back to Gallery

Investigators of Anthem Inc.’s data breach are pursuing evidence that points to Chinese state-sponsored hackers who are stealing personal information from health care companies for purposes other than pure profit, according to three people familiar with the probe.

The breach, which exposed Social Security numbers and other sensitive details of 80 million customers, is one of the biggest thefts of medical-related customer data in U.S. history. China has said in the past that it doesn’t conduct espionage through hacking.

The attack appears to follow a pattern of thefts of medical data by foreigners seeking a pathway into the personal lives and computers of a select group — defense contractors, government workers and others, according to a U.S. government official familiar with a more than yearlong investigation into the evidence of a broader campaign.

The latest theft continues a string of major breaches of companies including Target Corp., Home Depot Inc. and JPMorgan Chase & Co. that have touched the private data of hundreds of millions of Americans and increased pressure on the U.S. government to respond more forcefully.

Though President Obama promised action against North Korea after the destruction of property at Sony Pictures Entertainment, corporations and the government have struggled to come up with appropriate responses to attacks that fall into a gray area between espionage and crime.

Hackers could use stolen information — which Anthem said in its case included birth dates and e-mail addresses — to conduct “phishing” attacks on customers who unwittingly provide access to their companies’ networks. Government officials have been investigating whether foreign interests are using personal, financial or medical information as leverage to gain intelligence from people who want their information to stay private, according to the U.S. official.

Michael Daniel, Obama’s chief adviser on cybersecurity, said Thursday that he was one of the millions of Anthem customers who had their personal information taken. Anthem also insures employees of Boeing and other defense contractors, which are examples the kinds of targets who could be of interest to foreign intelligence organizations.